Legal Aspects of Information Security

  • Structuring the Corporate Governance of Information Security: preparation and review of documents such as the Code of Ethical Conduct, Information Security Policy, Policy for Home Office, Policy for Bring You Own Device (BYOD), Manual for Safe Online Meeting, Terms of Use, Employment Contract and Contractual Clauses for Contracts with Suppliers, Partners and Clients;
  • Technological Controls of Information Security: legal analysis to assess legal risks related to employee privacy;
  • Data Loss Prevention alert management: assessment of alerts produced by DLP systems in order to assess legal impacts, optimize system configurations and give effectiveness to Information Security Policies;
  • Awareness: preparation and curatorship of contents for educational and information security awareness purposes, such as lectures, booklets, videos, knowledge pills, among others; and
  • Crisis management: legal support in the management of crisis arising from information security incidents, with participation in crisis committees, achievement of legal score of the severity of the incident, review of the communication strategy, action before the competent authorities and dialogue with partners, suppliers and holders affected by the incident.

#SegurancadaInformação | #GovernancaCorporativa | #Politicas | #EducacaoDigital | #ControlesInternos | #Privacidade | #BYOD | #GestaodeCrise | #IncidenteSeguranca